From patchwork Tue Jul 4 15:36:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 13301390 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 639D1EB64D9 for ; Tue, 4 Jul 2023 15:37:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C84AD28008C; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C162E28008D; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A853E28008C; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 98ECF280076 for ; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 12C45140AC6 for ; Tue, 4 Jul 2023 15:37:12 +0000 (UTC) X-FDA: 80974333104.04.5E6977E Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) by imf19.hostedemail.com (Postfix) with ESMTP id 0CF1E1A0004 for ; Tue, 4 Jul 2023 15:37:08 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="Z1/poYmW"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf19.hostedemail.com: domain of revest@chromium.org designates 209.85.221.54 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688485029; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=1v5lGibnAF/heTsoRNB1jAJr0Wc+6STg6A/2r7lAh8k=; b=TDdIR4At/urWzWGRiLwv/LUSkfklnXGKWQRRanj4ko4dXOtK6IFG6BrVY+N6sW3GcTz7Tl uDWBWkXTntybV5WvoeuQtiwWKbdYvD+/lgzJsGxeQgCLU2CoEHH33wQUC7OPLySn3Kw3jb jf/BPCz9BUUe8UPsmnUMWKGX5T/avEg= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="Z1/poYmW"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf19.hostedemail.com: domain of revest@chromium.org designates 209.85.221.54 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688485029; a=rsa-sha256; cv=none; b=jgkloyCTksgJ+i2DU3g0zygk8rdb2g160nbSMa4JVyysvUvm9HhK037z5kPoCy8qunMBzg 0WYUjiIhL0HFdeyiafJ41xitTdlhduZ5JineVbpFPirAYI/C3kQgiCPM/cTBJ2vioOr0xa JKj1SXni4Xkw5kJha+fK3cIk1jxnMwU= Received: by mail-wr1-f54.google.com with SMTP id ffacd0b85a97d-313f1085ac2so6389504f8f.1 for ; Tue, 04 Jul 2023 08:37:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1688485027; x=1691077027; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1v5lGibnAF/heTsoRNB1jAJr0Wc+6STg6A/2r7lAh8k=; b=Z1/poYmW45cjv7LNYkKB69NwMZFwnZvKh4vFG+6k08+f3spLw+mSSsETwE1tgZbMD1 HKU7aZ1QKyT4aOvcP8fHNQn8gTaqeG/F0VlqaCbQYBQXuAmW0OSwQa/XQQti57AVxQCe p79ZfZDYrSgg8pFr2OcW+0iCZO/Excu3e9VeE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688485027; x=1691077027; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1v5lGibnAF/heTsoRNB1jAJr0Wc+6STg6A/2r7lAh8k=; b=Y8vMx8/H9rM6VavkRuMpBf/hxrzBXfq0o0iCMsOG76BT5GjHHIqVdnFO8Erhu8ckq5 PppdQ+n8q/sMBUUctGUy1X0kYKvAVgbrfqJjUVInajXkgSe2hpwm/PUdowK9aq8bOQKi Hif0kLQV4EdlU/sCanFpMGcLw4Ts6PqfJMBL1ha/uGRD+tItC/LP81duyutI2woKPYOn H/5v03+yTZ4A+p1ha77PUlbeY1QyrjFDLF6NiN5HYaW93xchCz0UZVgsDB99ARJZMHrh pekXu73r6Kw/Zg+wO4K+YOqonF4/aw+ZU4tbloHRyn7YrQSsGrc3OCzTlguMnHuKdFvq gA8A== X-Gm-Message-State: ABy/qLa3Hq2hz4tIErUPWJy72qyj2oc3TXVEC1ewaWEg02GEWC8Fnasn VHPNbv/HkPlqz+8aLdCAOsPsDg== X-Google-Smtp-Source: APBJJlF4ddN4NnLSebE8v9sNmpNAPwAbxVyqwdoBjPzfy26Qv0Li1SwR3xWjrXbxRNN2kNlT3NSVuA== X-Received: by 2002:adf:cd0a:0:b0:314:10d8:b482 with SMTP id w10-20020adfcd0a000000b0031410d8b482mr10533375wrm.65.1688485027313; Tue, 04 Jul 2023 08:37:07 -0700 (PDT) Received: from revest.zrh.corp.google.com ([2a00:79e0:9d:6:99b2:81bb:8407:5369]) by smtp.gmail.com with ESMTPSA id b2-20020adfde02000000b0030c4d8930b1sm28538709wrm.91.2023.07.04.08.37.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jul 2023 08:37:06 -0700 (PDT) From: Florent Revest To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, Florent Revest Subject: [PATCH v3 1/5] kselftest: vm: Fix tabs/spaces inconsistency in the mdwe test Date: Tue, 4 Jul 2023 17:36:25 +0200 Message-ID: <20230704153630.1591122-2-revest@chromium.org> X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog In-Reply-To: <20230704153630.1591122-1-revest@chromium.org> References: <20230704153630.1591122-1-revest@chromium.org> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 0CF1E1A0004 X-Stat-Signature: 14tg361bmqnzm17ysjyrjqyzepw45zjz X-HE-Tag: 1688485028-812466 X-HE-Meta: U2FsdGVkX1+E3qI4rUnwTUCVyyUhmx2IEfqdyxGcyqaggM0BwWRAws6dgye/lRAnR2DNPjg8Zj0Rr5YUzwweBeOvQiX45tjv0BHh3PWyqwTtUAiNcMpl+Yf1E3dObPwqBNj/iuaLaMTllL859AX9I/5lZCw+zZMJ2abcofeQuIFKcN1QszK+2P+nEQsiMYM3mgJMj+7NQzVdMj1HrcYl9vq/pEjzDkmz2MYuccY5VuQ4TppXI2CvmTH81boAD7gspew6JXNxbsEmPvFK9fgHQklXvWqk7Ma5RrTZNM21BqAu2yPUMr9CxrVwaqz4pkHclM6glSaRgLmkG7755WXiZxTCeG0TMoZMs49JVpVvrCPNPpUNOKJAlwnSS0mRZmuNsDVMcC1rsbEK/fyuNuXeWVxqG5DfCcWjqLB2BMEq8Z0M555JD7+4Bw9hY1mX3K3r5YYZZXwrV0SWsHqFyYpSu3bqpHeQFPeqhhOgKPfhlKRQTQyuYAsHB6Km2mmfXBhLbibhiDDbWe7V0GWVBwxa5BGSi6ndz/8p7JZ7wFjkF/JGK83i03gnNnk/8ES8m8rGl/g4QW8gp2uC5rd0OItPG5ElTPHPqr7rKTdjK2aUwfeTdqCrLzhn/hzO+KmDYNVhopPXheruaJNqeeXYNm06DTjQq93EJ65XZWDe0TmYWUukwQ2uoYMaWrqgqGsz/LdtaTtYlDPzEMCsOAYvMyZVD8y9Z5tmxFzAdRDSHKuhHflF7onhVL+PrPaeGdQNGEIjJ0M9rCK8MO5MUJW2bJKHdsnoed9uJN3Kae1UnYqmuK2mcV70+JSqjitF8lX7FXTehAOmDK4din2bjIoGe/O6xOb6n5bolXt639BMNNgqIeUMd6PBMlE3Jlg25hzhNXY1l5gmmZvSCKjXrnnSPYIbwqFzGPha739cZuCGXOrHhSt6sTv7fPhPXfIPoYOU5V9KOygsafok6Z4FwiXROto gYKLX23X sbfgDosf2KTUL/TAbEhmQbjYzvstIi728mDSLiwW57N23R7AK6wEN925J+it5HKL0tMVwHn5YW3agwTO8iozxInWrYlW5Difx9nsFpJ5Kk1hTy0QvW/cNiNkC9pEbjh/e4hBBJLSs8JA0cIUOa9J9nF3u2AlUprq714riRwwNfvGVx8c0aWFDMumpBRa81P47cO3+XmE9kkz4g3XvK1ubFSqqQn/JX/lNspFi/Q2M1fxQEm9VqeeQBEmhsPdaOhncLbgTm/ymWSZ9wmZhqAbog6cAwRbIz760vsu33vwaPvEfSINBQL2I3DEqLAf3uxr76bU1vYUpON+BAdY6hTh+DiV0Ug0H0TGUYLxPGo7VndHDctmtwTwuhJxmvumx15BL61NnDmAjLXHtnl4uhKg5xtib4sbBcJ6i83Q3k7bj5b4yxp1CHQncN7Uwqg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Reviewed-by: David Hildenbrand Signed-off-by: Florent Revest Reviewed-by: Kees Cook Acked-by: Catalin Marinas --- tools/testing/selftests/mm/mdwe_test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/mm/mdwe_test.c b/tools/testing/selftests/mm/mdwe_test.c index bc91bef5d254..d0954c657feb 100644 --- a/tools/testing/selftests/mm/mdwe_test.c +++ b/tools/testing/selftests/mm/mdwe_test.c @@ -49,19 +49,19 @@ FIXTURE_VARIANT(mdwe) FIXTURE_VARIANT_ADD(mdwe, stock) { - .enabled = false, + .enabled = false, .forked = false, }; FIXTURE_VARIANT_ADD(mdwe, enabled) { - .enabled = true, + .enabled = true, .forked = false, }; FIXTURE_VARIANT_ADD(mdwe, forked) { - .enabled = true, + .enabled = true, .forked = true, }; From patchwork Tue Jul 4 15:36:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 13301391 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9AE0FEB64DA for ; Tue, 4 Jul 2023 15:37:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1381528008D; Tue, 4 Jul 2023 11:37:13 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 0C156280076; Tue, 4 Jul 2023 11:37:13 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E59C428008E; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id B9C7A280076 for ; Tue, 4 Jul 2023 11:37:12 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 826171A0AC9 for ; Tue, 4 Jul 2023 15:37:12 +0000 (UTC) X-FDA: 80974333104.15.BC3F683 Received: from mail-wm1-f44.google.com (mail-wm1-f44.google.com [209.85.128.44]) by imf02.hostedemail.com (Postfix) with ESMTP id 782CE80022 for ; Tue, 4 Jul 2023 15:37:10 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=im9v3tz+; spf=pass (imf02.hostedemail.com: domain of revest@chromium.org designates 209.85.128.44 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688485030; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=beswSwVGAkwwt+hvsxKunV4bjZ5oFhW4HtgFlCfoMD8=; b=Pm55ENIvbF//djm2IYyRixdakLP0+btTX209rnORbPjjGqfk/L7X13BOXBLiez8yNbE8/I /59v/jZYhew7W3yOx01CquXHQ4uo6M+gMvh7rWFMOjKep0Q/Ea0Nxek1IpugnRsYcAa6QB TqO5nivi012c+UhW9dAGtUGNsF7jRKc= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688485030; a=rsa-sha256; cv=none; b=qAbvmlUvie6lL4/in1WFMVXlY+Z241bUPeAin3q5sWSiRLoSX7KqSEPCpY6hzeoccXsBhZ ve3Du6Q3VoxBvKSAgz1TNi2hbfb4tBCEeuwSXGynj9PGJu5cMFlUDRqXDVvNN76XadNbCW cIxXBLO7Waqb23adz2mrt0jmkvvLbg8= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=im9v3tz+; spf=pass (imf02.hostedemail.com: domain of revest@chromium.org designates 209.85.128.44 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-wm1-f44.google.com with SMTP id 5b1f17b1804b1-3fb4146e8ceso70082215e9.0 for ; Tue, 04 Jul 2023 08:37:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1688485029; x=1691077029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=beswSwVGAkwwt+hvsxKunV4bjZ5oFhW4HtgFlCfoMD8=; b=im9v3tz+dDQKllRZMfAl2CXof/kWuglwbcaU6I+/SM3taNN9W0TM7sI67nnkl3lDSX 9evAJPoxo2Tv50rEz5lihIj5frPU3Hxo1Et5ixkKvTNtQhQyTA6xiirfJK5+I7SVGHC2 vJhjhWvhzJTSHRPd/yK9QTQbknde3VwTLbMWE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688485029; x=1691077029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=beswSwVGAkwwt+hvsxKunV4bjZ5oFhW4HtgFlCfoMD8=; b=iL895JzhnZWe+KuyW+XK43NT2g/GY26qnxlbVYv/V3yHgD9hwUJXDEzMC86IsdLlgs nREY8nzdMj3pa+cqQ9KdyOVMg7PJmc51Dg2MM8V/kWvpQ52UuAze/TyEJspad+pM2MC9 LSC4v5HDH9oeQC/mDpHv3a0oZPRuvMN7ixBMGoxPlu0dJFZFJaqjCUt4qdN4H5x5sqYv pU39uLXdvbCYna7Vo+GrzbRIv79i8R3GCmC5jjZ3g9RUyM7q9tKiENpoXTVkDxiV1OBF wVPvbMrFyrmqUaZIB3eseqXgST/po+K358nqSx7PFVyXaWXKV/lZ6MNSXR/fvC4eiv1b 4LNw== X-Gm-Message-State: ABy/qLa9uM9o4LaBeoYce9X3+NKqoeoXg2231aGRnHe3SWthv2PhLeMb KbBWDLSFsl4cnzT3RhJcwoVPP5msZP1+t4pqRYA= X-Google-Smtp-Source: APBJJlGdWcugyCLxuhlb72LvzlOj5uz7Xrz2PmeD25M8SMc8R/B4axzPNqhXW2AizS/HJbijddnx2A== X-Received: by 2002:a5d:4950:0:b0:313:f7f1:e34c with SMTP id r16-20020a5d4950000000b00313f7f1e34cmr11728009wrs.60.1688485028942; Tue, 04 Jul 2023 08:37:08 -0700 (PDT) Received: from revest.zrh.corp.google.com ([2a00:79e0:9d:6:99b2:81bb:8407:5369]) by smtp.gmail.com with ESMTPSA id b2-20020adfde02000000b0030c4d8930b1sm28538709wrm.91.2023.07.04.08.37.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jul 2023 08:37:08 -0700 (PDT) From: Florent Revest To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, Florent Revest Subject: [PATCH v3 2/5] kselftest: vm: Fix mdwe's mmap_FIXED test case Date: Tue, 4 Jul 2023 17:36:26 +0200 Message-ID: <20230704153630.1591122-3-revest@chromium.org> X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog In-Reply-To: <20230704153630.1591122-1-revest@chromium.org> References: <20230704153630.1591122-1-revest@chromium.org> MIME-Version: 1.0 X-Stat-Signature: raw4huzkegc3577fp471bgk39gstdhwn X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: 782CE80022 X-Rspam-User: X-HE-Tag: 1688485030-192846 X-HE-Meta: U2FsdGVkX1/O0uxWJlnK3aH76uVswkDQ9rAl0Zo5hx1w5xXFIGHStgD6nJZv7w+zaEcRCiFtA15Y8SyeYn3q7VJS1WfDVqIhkto1OJfVX62EFHL6VMX03mqM4oGzns7CWXVRaLxA3ErqNjBtNElqPOICh5bvxlsLHoem3XYGwmBx1/LKvZfgC+IAlVtVyeknNF413HDFbIvMSPsnAihX0khV3hDuJz2g4I5+uawgHuQ61pFan39ZB3TDgruku816R9cr3pSMvSmNzTZDTew/y+UAy7mRguc9zPbXsThf8oWUqMvpOD+bDODo/hHOUCoTWELSL3ImJzYZSKFisAElKMKB495HyKu0IcO7SV0FQWzYcLLsfijxA1A5MMkFuvQurdwU4UclDmJBwQqPCetfgmiEHte/s9PeWSt09zsNqUMG0UrLKPZuS+r63ss1Yx9tRaIlQ9XSKtlfBnImYFlsl4D4cVX/+AoWdxt/ZIXRsgJkNYTFi6ywJcBA9XNYX/qsGYXbf5iM5u5wstQS0L8IcmGxTW8wScjKgHGFq1Hrep8EF38DoTIR7Ko1p+8yIkMcUbPc/hERIe/G7C2QSe/VVcqnPD8SCfTCsXEBJZGt/nrkZxopc2ZIj6bE1xy+IU1u+MEoYNtwbv41h/kU800XOGOGoiid8vanRg9+DMHWHt3CCJ5k0/+JER6u7ifEF3NMwoOvLvn4O6uA37ng+WJK1KEXvtleT+SMJPvWDU03dOug7CIakTC5OIvKZIDJ35/FWeqlzMu7xcsHj5gGUaw7j0MGt6WjzzMoPHBJL/m+4ZWrqq2NQeX8QTnuVzRBOHsbAGtLo+7YHVeVxAWWlL1cSBabEvQloFQbNcjL4xklAKlZk/BUEan5H5TBFOyG7cOL22vuUyeTnGujoED/SVcWZq5Pyw3BELOI2OYcKJ9sS9TXnqni5VfBhXKPz+p8hCzehKYkfbmSfJom1GWhD3/ W7yejBBI 9uB+i8lIcCt490odojzQ+br9prjjoyg6uiTMq67IrWB5OBC/1U+YMRZlOmDOkZ4D41ELbxC1v7vF83/cFbPlCGR91ZSIzvCJf/7Mtsfx6so/FkxAQHUsqNeH7+faCzgdn1wVudmJYE2RfM9QJzcFLZxR7KDUGqQW8hnqhxkOn43HyoL7UVqufRc8wL6ZZyuGDjQYaAxYyKkoOjiAgHyN/3Qldsr0vllBanvOC/iGcpzPhUp+2jfr+9BN6rS69fj+EZR6JMLhRdP2L1sOaPJlozOU3rv36kajiZlJr17nji2LQ8/QEJdO/hqF1LcTh1OGDnF41/+6IjS62unSb5ozcYpJ6thbMp8anxCgAC3FqvX9zvkpF3IxVzeR0/dLMpohePB/qtOWSJV2kMsicNW1Nvh1HMscQulOXbNlVvvyDdg34MZ1hKz8QRI6bTBLXxXv5uVH/anZNdlvUhT+v9DVBNa7QXuvihJGNIvrcubXI7w7clWw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: I checked with the original author, the mmap_FIXED test case wasn't properly tested and fails. Currently, it maps two consecutive (non overlapping) pages and expects the second mapping to be denied by MDWE but these two pages have nothing to do with each other so MDWE is actually out of the picture here. What the test actually intended to do was to remap a virtual address using MAP_FIXED. However, this operation unmaps the existing mapping and creates a new one so the va is backed by a new page and MDWE is again out of the picture, all remappings should succeed. This patch keeps the test case to make it clear that this situation is expected to work. Signed-off-by: Florent Revest Reviewed-by: David Hildenbrand Fixes: 4cf1fe34fd18 ("kselftest: vm: add tests for memory-deny-write-execute") Reviewed-by: Ryan Roberts Tested-by: Ryan Roberts Tested-by: Ayush Jain Reviewed-by: Kees Cook Reviewed-by: Catalin Marinas --- tools/testing/selftests/mm/mdwe_test.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/mm/mdwe_test.c b/tools/testing/selftests/mm/mdwe_test.c index d0954c657feb..91aa9c3099e7 100644 --- a/tools/testing/selftests/mm/mdwe_test.c +++ b/tools/testing/selftests/mm/mdwe_test.c @@ -168,13 +168,10 @@ TEST_F(mdwe, mmap_FIXED) self->p = mmap(NULL, self->size, PROT_READ, self->flags, 0, 0); ASSERT_NE(self->p, MAP_FAILED); - p = mmap(self->p + self->size, self->size, PROT_READ | PROT_EXEC, + /* MAP_FIXED unmaps the existing page before mapping which is allowed */ + p = mmap(self->p, self->size, PROT_READ | PROT_EXEC, self->flags | MAP_FIXED, 0, 0); - if (variant->enabled) { - EXPECT_EQ(p, MAP_FAILED); - } else { - EXPECT_EQ(p, self->p); - } + EXPECT_EQ(p, self->p); } TEST_F(mdwe, arm64_BTI) From patchwork Tue Jul 4 15:36:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 13301392 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 68AB7EB64DD for ; Tue, 4 Jul 2023 15:37:16 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4E1C028008E; Tue, 4 Jul 2023 11:37:14 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 46B30280076; Tue, 4 Jul 2023 11:37:14 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2E37928008E; Tue, 4 Jul 2023 11:37:14 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 14BA4280076 for ; Tue, 4 Jul 2023 11:37:14 -0400 (EDT) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id E275A1A0ACA for ; Tue, 4 Jul 2023 15:37:13 +0000 (UTC) X-FDA: 80974333146.03.CCD785A Received: from mail-wr1-f47.google.com (mail-wr1-f47.google.com [209.85.221.47]) by imf23.hostedemail.com (Postfix) with ESMTP id ECB1B14001C for ; Tue, 4 Jul 2023 15:37:11 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=MFwOF7sq; spf=pass (imf23.hostedemail.com: domain of revest@chromium.org designates 209.85.221.47 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688485032; a=rsa-sha256; cv=none; b=XpTf97hbbig96UnkhoUmdCSZANKuLCaRkLq5bafyhu2SnpIIUkL7foATD+w5T6oHZmdPW/ 5SHcPQoDb7vPEh379MeBvEyBsn+s0IOJ0XBCwsNYajtOk3WuT4V5u8oi5j0DWeyKhZmtXH B6SD9+sOnLRswNErydsJr2SQ9KNyErY= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=MFwOF7sq; spf=pass (imf23.hostedemail.com: domain of revest@chromium.org designates 209.85.221.47 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688485032; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=4ZVHggtHO+yJauR9LskgHgrRJhbEnps/FtwfSudSsCo=; b=EXDSELp0wNWDlCE9WZE8RzYDXnLXvdqzO203gFVZnwvspyohXPW7g2MbO9fWtPjp1l2sa+ fngFD7M1LJas+Ycklm/jxwE/QUpTg3VUQflulQaxSlq0RRE53vTdvI5L28lu8Z/9+GxEdJ qoZtyNW9tBOdqPt4ywIPDUr7rVEd8S0= Received: by mail-wr1-f47.google.com with SMTP id ffacd0b85a97d-314313f127fso3214309f8f.1 for ; Tue, 04 Jul 2023 08:37:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1688485030; x=1691077030; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4ZVHggtHO+yJauR9LskgHgrRJhbEnps/FtwfSudSsCo=; b=MFwOF7sqVXBxFanxQfr0POOuegrGEdOtkhF028G3OsKGL3xdsPPzrHjjHCl/yZUQsi 0u2xWsEBho6iRvSucxENpzwYqu7b0USkS0W+q1mqavp72R9LwsRuiUSOgH6bJqxDI2N6 Myg7WgOAMHNQAOKGq0YrI/FSXNdf8mMkegW+0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688485030; x=1691077030; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4ZVHggtHO+yJauR9LskgHgrRJhbEnps/FtwfSudSsCo=; b=YGRZQbsDMw04lgE4+c7OYPiXnWt6ZDrNN1XGBV9OMbF648U+OkCOORWWaIEfwP9yfz kPmWTIMDgRZOnB1V5QUCJHgWpq+m6ud9gZxLg71GTM0ava84xkFSrHuTqDONmVRPvany 1liWTMLLh/LAfJq4/bDcElPrtk7pk2m8uWo7hQB/i5XAw3nx22a5M5cYynlKdCDkc+e7 Zl9jPe+LTQQE0+rBRnWs5eWBUTU7RGsvQIda02TBEGRhpI8cLCAPl7CFth0Ngkn+pNF2 rrBkHbz+LAfUxbZy/ZTLQCpPOtkWTxPQ3NpFZf7/xkqrmEy39chaQwO2mRObpzOceNdY 7qmw== X-Gm-Message-State: ABy/qLaTiIzv5jJx4zmJgKLciyEq/HVVq6mXlxyRDHNbtbiHktcGLjM5 KmzAXMaegArxt0BdMVTan+g5nQ== X-Google-Smtp-Source: APBJJlEAgV7A2O402mT7fPusAvg3tuUXWOjSGe1PiyyavUQPEZBAhTj4IWlt79euih0ZpRWlsQjz3Q== X-Received: by 2002:a5d:44c2:0:b0:314:1ad7:2ea8 with SMTP id z2-20020a5d44c2000000b003141ad72ea8mr11140519wrr.54.1688485030643; Tue, 04 Jul 2023 08:37:10 -0700 (PDT) Received: from revest.zrh.corp.google.com ([2a00:79e0:9d:6:99b2:81bb:8407:5369]) by smtp.gmail.com with ESMTPSA id b2-20020adfde02000000b0030c4d8930b1sm28538709wrm.91.2023.07.04.08.37.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jul 2023 08:37:10 -0700 (PDT) From: Florent Revest To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, Florent Revest , linux-stable@vger.kernel.org Subject: [PATCH v3 3/5] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long Date: Tue, 4 Jul 2023 17:36:27 +0200 Message-ID: <20230704153630.1591122-4-revest@chromium.org> X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog In-Reply-To: <20230704153630.1591122-1-revest@chromium.org> References: <20230704153630.1591122-1-revest@chromium.org> MIME-Version: 1.0 X-Rspamd-Server: rspam08 X-Rspamd-Queue-Id: ECB1B14001C X-Stat-Signature: sh7ttm7x5fxqg6mgm6qax6nq71xjtajx X-Rspam-User: X-HE-Tag: 1688485031-546900 X-HE-Meta: U2FsdGVkX18gyN4httL6RNK4sR3c35JGnuz3ePNby4y4Ma3N0ZgqzPWQyJZjrQyP7YxVhyuLfiA61WO2agp5Wiyh5WR9bHLkQFOAohUzFThTmbJ3PlCa0NK7qQUEs76+Ag5zbEY7QQ2dYIuhOHuJw6eO/6TRfs/LaozoYfylZOcwT6l+TZg61ZveFvxkHRR00AlQplREASVnGJHvpTfFrVyuImT9bAweI1DDrpW8DYnDfSJ559SnslBKhpN/0NY2Act0yjNK5etSDaxpm5YRT4CkSl6vxKG64FW3Tf6ivwGYANZd2Ur9OcHRS0fN9imgG9B1PLPi0Q8WNtp3gWfZzVRYGv4gWLI3fdwU6oJc+nI9dkmp6OWk2h3lwVHsyrumqB/Gxga80gTlpYRjsso7du1nK3vFSfVAXwOjuhxxSpOs+xm7IpFNpDtdG3zgDdmR6Rn5FCH3n+von6B+eI3odpaw4IL21qYmW9dKQfgF5lnbW+cBh4gxMB14fTLpRqIFQR32Tn5Xtw+jjYSSi6a8zRBogloaTsVcrEJry/vS1PvoKysbNnz+LuVd0WCUE5Sm90s9g1/dpomGGtbAYzipi+ggU4VvwNK6eWbUAoGnKlKMiFAhI4nJoAYcWK1zOXKkeV2+lFBiAher8S6pODhKaqk9cx/dkg9v9egn5c/wndheVvjNU8PhxW6T2uexLjKe5wh0oxeeQgwQROqjHlvZDmf/AezL4gDGutM4Ee9epX2Do2NTuK409gcXt3NhNu73dzdnPg/pPKTBml9DRxtTeDh5t2YSIdW1Lyuj3Z8kAR3YSXzjqYf7F0JULs594cV/1nwlf4+jUpux4JRvlwd8bw6aXALGc2Q9f/XTZ/nqNCwxdqE1iFv/elj4Wgt1+dua7fUgzFHCCRCmuuO3654cGV6f/5mb/U9dbHwwffR33ThsyWxaLPThjC/kjub3cbK9KeVS05jTaNuHA/8WdPw RrmgU00O d3ma/9NPehFhUAP3o6l6+XCBE44y4cSDjavDse5Y0IEvVIpwpcKSoWpF+GpwC7ljWWFEOcBXQPiW4y9T2V8TI8KMBr6zguZNGDaRRs4FMcPxbILIK+IV67gf0vmXlzxYxDYFO9QlR/g/IFX3ENLukovKdHHRa+8dpizzT2mURPwZSpgmZKslsv9CRBVGB9YwODutvDtxP/DvUfOiQtZO4VNHfW3BeZ0Et/cV3pQZHA+SEqakGufRrA8oY9NUjo6d1h2XOPIvJtlF+XR+CQb5tSGSh8P2u6tNWzAmB8loMnEEndHH0LF+tmG/Qq1C9HWux+HdxK6n72/vvaQKVqbWvytqJ/ulsfPQo7UlPb1ErZ8ze5CXWARkbv0KYVhZ7JB3alzALzAK14I6JmHu+AM1+hUnV5xbCo/VDBVSLpPwJCRb9PRhl8MluJmMl+CO7urbxYmzLRkZhqx+thQzx3vQwdju2q1cHereAUoP5oIioYTT3j4oPnuMnTPubAJirwQkGqRAK/dF9mLSc2gWAneQWuVkzV+vvpHx5AGqA9XZ8NnY+fsKuucCV34RhoWCxa4oW7OaQaAC5RYqzX+LnA1vgoyDCJH9OHhGMd85P0CHd1AqyQqR5WPmHZxGW2YFgImrcdJCK5J9bsQrBpFzaYhRWgun45Y8XocVjpdmCxusyK3pU+1o= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Defining a prctl flag as an int is a footgun because on a 64 bit machine and with a variadic implementation of prctl (like in musl and glibc), when used directly as a prctl argument, it can get casted to long with garbage upper bits which would result in unexpected behaviors. This patch changes the constant to an unsigned long to eliminate that possibilities. This does not break UAPI. Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl") Cc: linux-stable@vger.kernel.org Signed-off-by: Florent Revest Suggested-by: Alexey Izbyshev Reviewed-by: David Hildenbrand Acked-by: Catalin Marinas Reviewed-by: Kees Cook --- include/uapi/linux/prctl.h | 2 +- tools/include/uapi/linux/prctl.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h index f23d9a16507f..6e9af6cbc950 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 diff --git a/tools/include/uapi/linux/prctl.h b/tools/include/uapi/linux/prctl.h index f23d9a16507f..6e9af6cbc950 100644 --- a/tools/include/uapi/linux/prctl.h +++ b/tools/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 From patchwork Tue Jul 4 15:36:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 13301393 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91B21EB64DA for ; Tue, 4 Jul 2023 15:37:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4220328008F; Tue, 4 Jul 2023 11:37:16 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3A733280076; Tue, 4 Jul 2023 11:37:16 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1F98C28008F; Tue, 4 Jul 2023 11:37:16 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 09A76280076 for ; Tue, 4 Jul 2023 11:37:16 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id CAE424081F for ; Tue, 4 Jul 2023 15:37:15 +0000 (UTC) X-FDA: 80974333230.10.6C7CC4F Received: from mail-wr1-f44.google.com (mail-wr1-f44.google.com [209.85.221.44]) by imf19.hostedemail.com (Postfix) with ESMTP id D2B671A0016 for ; Tue, 4 Jul 2023 15:37:13 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="IH8/lYad"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf19.hostedemail.com: domain of revest@chromium.org designates 209.85.221.44 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688485033; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=R7tunI1lKMH4tXxhhZlNnHm4rteRjjg9hHxMHKz9rMs=; b=eOdQCbGT1LV03ORDWXPiPeyePHP4mOXRZYr4OCH31NVkwMNWadXVO+mnvZwzyABDZiH+cQ hEMYjUgCjdE7NDP/Ixad76Z7RJaqh40Ebb+j9wVdEkWHNJzd7uLfu+hxZeBW0R9TAcUECq JFzMplPRl8Q8dE6boxwV3nTkZmAzJO4= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="IH8/lYad"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf19.hostedemail.com: domain of revest@chromium.org designates 209.85.221.44 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688485033; a=rsa-sha256; cv=none; b=wC9w3is3atrlj0Y+3mw2eEjPWfDDtricgdNANffH/AdBO2AKQus6InIwDjnKhYEEbeOK5i mjfMy4XvgsOz9r+WqULkIO74AI85wHfV+mKMRMqH5awr43GNCOlgPOFSDc2RLA2/Ilkty9 7rLR//So6HrTdgoTul8DmYv9mlVjwH8= Received: by mail-wr1-f44.google.com with SMTP id ffacd0b85a97d-313fb7f0f80so6339703f8f.2 for ; Tue, 04 Jul 2023 08:37:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1688485032; x=1691077032; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=R7tunI1lKMH4tXxhhZlNnHm4rteRjjg9hHxMHKz9rMs=; b=IH8/lYadcMH//iw9M9Op8dU0l1sj9aFWw0lBe6q6pMiopghB2cvLo/OcIkjbXfOgC6 Y7x5+a5kcNvS9pp+WWGqp5o36R5bI4rsQwvbYsUc1Qx6T4i713ReMLLt4ZaDVZsYaSd5 A3rBFK/cCnkuHUUrd8RED5SGzIm8RjYv50e0Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688485032; x=1691077032; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=R7tunI1lKMH4tXxhhZlNnHm4rteRjjg9hHxMHKz9rMs=; b=Dsu/mLtb9EyeGAmYkQx0c6JbcS+eM0xzFPPZM3wICk627TQ5l2QKN9+DByhlPr/GQE qquVTk8c+nbyjKaDT6FdErivRkL5VH3VP+d+9gdBZUXNc1A2YubuMuiaIrBQ2RazvAZG MA0He6wZ7UMCLtJ/Qj6aNKuvn6+Lpt9kDn3gazThQiX8E3UTatDvPPAmalo01UHt8Z8Y zsw+7V3tQK8Y0RfTmU1i6TdRhEEP7gVFAUa19Bh8pYecw91xeuloaecf5kvTiqZT8a11 pEORB7rnVEVhSXfBZsReY4Bygt1+ux18odAwSGT2hnAoF5eMTJ9eWcp7a8XAVoHqtfr3 HRww== X-Gm-Message-State: ABy/qLamojAFfSdaFP/0eZR3MxoAjjmcwaE9WxDfBcnZmsDyG/TT+5El kGWOZOuxW2wsYT6+Tuu7UIQwZw== X-Google-Smtp-Source: APBJJlEk398zYlZ/TviSclnfJx8pfvjJ6ut2plYZwXPVcNfINX4lPmJVH71We1oWGxYpyyxB1gS6eg== X-Received: by 2002:a5d:4f86:0:b0:30f:c42e:3299 with SMTP id d6-20020a5d4f86000000b0030fc42e3299mr10482799wru.60.1688485032503; Tue, 04 Jul 2023 08:37:12 -0700 (PDT) Received: from revest.zrh.corp.google.com ([2a00:79e0:9d:6:99b2:81bb:8407:5369]) by smtp.gmail.com with ESMTPSA id b2-20020adfde02000000b0030c4d8930b1sm28538709wrm.91.2023.07.04.08.37.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jul 2023 08:37:11 -0700 (PDT) From: Florent Revest To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, Florent Revest Subject: [PATCH v3 4/5] mm: Add a NO_INHERIT flag to the PR_SET_MDWE prctl Date: Tue, 4 Jul 2023 17:36:28 +0200 Message-ID: <20230704153630.1591122-5-revest@chromium.org> X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog In-Reply-To: <20230704153630.1591122-1-revest@chromium.org> References: <20230704153630.1591122-1-revest@chromium.org> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: D2B671A0016 X-Stat-Signature: 1kf3panke3sngz189xisrdd7k4t817q7 X-HE-Tag: 1688485033-840385 X-HE-Meta: U2FsdGVkX18fmIHGXSNjgR30oIuXVm5/kpzpU/HLz/TigoHlfWJ56H8SFLUrLklWn6jo1cDznLiZPSAOQ0VQTnI27Eimdvooc+lj8cFjw4FOaf+dIRIDUpNiMO0D+uE02ZijsT7n+ZKZphvzQh8asOT23jU2Qy4o4TFdRN1oxGe3pQABx1qfikzxDb3Tm/7JtzZXSiX1/Hj0rrABjPLdKyJcSqKZmegEiAKZa/+TuwTtApXRXSI/mYw+dkxxPOUCQ12ShWL4yHGCLGXckl6hGBtnQzWWfAJld/VpSGHTV/8EF51ZNYnAnu9B8tPme3gPWiV+RvcjdEpndDWlrHdDL1BedMRRF3DxBLWhd7xjgoaYccw5MQ1i7VhoLJKVqJPsL5Gc9wYzZ2mJMaELqYv2BhHHupklSOjgyzYeQbeN67nf4HKExSW1tJnv+FG6YjHr5lgOi9FhCvxKI3CVTmVsrae1BMIzaCC+CfrICnX8AE4tTgVe5PkOo6Z7O0Dcb78JW68GbWcTRBZI9dpjf0pfbMJ2fwfcRRz+zgR310Ek0v77Bf2Bgn7PsyJ/bzzXPiodkEI1inGdGhUXdfufwemBd64XpMdZ2uXuI+NZKAMY3d3dUemV4jFG8Zoe/oyjpxboKum3fAWAjq+P5qMWXlrrYqyFU04pIlC63RQEOeVjwJ2PNWmRtC3eThyDrrL5JobuaGcJYy1NZIAnz9BlI76ZPkxLpwAi2C/k1oeCNIH5lc/z9PGR6IvIFfE02wat5dvcMLTqo1ATvkVrAwPYJaB16cQL2mAWX0kMgyjtqWIdUU+BXKkEbrYQ5PfbWhTDD2Pr9YOmOxBETvAo+UixK5K35lJFbOUD2F7IMx0fTqmjpjcfVLTlH76c9JTRTWtAcoRaTAu/R3K4Rp0c9SBSgrDdTBQU6kL+wEwEE0WkYEv5/tNPyYmAsB3D3NePVpPXAeY1/qHwsu0aTtcQqwNX0ST twM2HkaD 7AhiCqzq4xgBLyBKvTC2d8BXFOjVvj3idPseae6vUvWk0/hHKQX8rQ5C9jND8OHlw0RE+URVLiRa6ASJBmi9+FGoqOBBt/XjZ8uBc9NTSgiBKgqt1BXljDCGhE+ubVdZU2YlXAf8N78mvoi4egE9ZN4JPlbPyZdyN9jJEO09T3J0ZUNpvNz5uh0o650nhx1xzTJIQrZZzhYaSGAlyl+0KDX7uCxeQKfbEeZKQzPTQcCrLeapaJZxqgHkmep+mgIZzXKxxsuB98fhnwEGGReKhYsxniIP/OcXSc8Yz4mPb/dzXkqdY59d9Mnb/hN2IAyRtmaBouCiwDoZ0vLHscgnDapv9GDmT6YixEra3F0Lj/2Fah6YgutzEYQXeSOd5HqxhAbSpoLLVmfSqu8dxJ+uVTGLQZcnECsqu/5q/YTERZ+RLw8MP/VZbQRTZY5qn5YhaHG4HOkbmCOzkGW0= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: This extends the current PR_SET_MDWE prctl arg with a bit to indicate that the process doesn't want MDWE protection to propagate to children. To implement this no-inherit mode, the tag in current->mm->flags must be absent from MMF_INIT_MASK. This means that the encoding for "MDWE but without inherit" is different in the prctl than in the mm flags. This leads to a bit of bit-mangling in the prctl implementation. Signed-off-by: Florent Revest Reviewed-by: Kees Cook Reviewed-by: Catalin Marinas --- include/linux/sched/coredump.h | 10 ++++++++++ include/uapi/linux/prctl.h | 1 + kernel/fork.c | 2 +- kernel/sys.c | 32 ++++++++++++++++++++++++++------ tools/include/uapi/linux/prctl.h | 1 + 5 files changed, 39 insertions(+), 7 deletions(-) diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h index 0ee96ea7a0e9..1b37fa8fc723 100644 --- a/include/linux/sched/coredump.h +++ b/include/linux/sched/coredump.h @@ -91,4 +91,14 @@ static inline int get_dumpable(struct mm_struct *mm) MMF_DISABLE_THP_MASK | MMF_HAS_MDWE_MASK) #define MMF_VM_MERGE_ANY 29 +#define MMF_HAS_MDWE_NO_INHERIT 30 + +static inline unsigned long mmf_init_flags(unsigned long flags) +{ + if (flags & (1UL << MMF_HAS_MDWE_NO_INHERIT)) + flags &= ~((1UL << MMF_HAS_MDWE) | + (1UL << MMF_HAS_MDWE_NO_INHERIT)); + return flags & MMF_INIT_MASK; +} + #endif /* _LINUX_SCHED_COREDUMP_H */ diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h index 6e9af6cbc950..dacbe824e7c3 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -284,6 +284,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 # define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) +# define PR_MDWE_NO_INHERIT (1UL << 1) #define PR_GET_MDWE 66 diff --git a/kernel/fork.c b/kernel/fork.c index d17995934eb4..bc3c762d378f 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1284,7 +1284,7 @@ static struct mm_struct *mm_init(struct mm_struct *mm, struct task_struct *p, hugetlb_count_init(mm); if (current->mm) { - mm->flags = current->mm->flags & MMF_INIT_MASK; + mm->flags = mmf_init_flags(current->mm->flags); mm->def_flags = current->mm->def_flags & VM_INIT_DEF_MASK; } else { mm->flags = default_dump_filter; diff --git a/kernel/sys.c b/kernel/sys.c index 339fee3eff6a..1a2dc3da43ea 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -2362,19 +2362,41 @@ static int prctl_set_vma(unsigned long opt, unsigned long start, } #endif /* CONFIG_ANON_VMA_NAME */ +static inline unsigned long get_current_mdwe(void) +{ + unsigned long ret = 0; + + if (test_bit(MMF_HAS_MDWE, ¤t->mm->flags)) + ret |= PR_MDWE_REFUSE_EXEC_GAIN; + if (test_bit(MMF_HAS_MDWE_NO_INHERIT, ¤t->mm->flags)) + ret |= PR_MDWE_NO_INHERIT; + + return ret; +} + static inline int prctl_set_mdwe(unsigned long bits, unsigned long arg3, unsigned long arg4, unsigned long arg5) { + unsigned long current_bits; + if (arg3 || arg4 || arg5) return -EINVAL; - if (bits & ~(PR_MDWE_REFUSE_EXEC_GAIN)) + if (bits & ~(PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT)) + return -EINVAL; + + /* NO_INHERIT only makes sense with REFUSE_EXEC_GAIN */ + if (bits & PR_MDWE_NO_INHERIT && !(bits & PR_MDWE_REFUSE_EXEC_GAIN)) return -EINVAL; + current_bits = get_current_mdwe(); + if (current_bits && current_bits != bits) + return -EPERM; /* Cannot unset the flags */ + + if (bits & PR_MDWE_NO_INHERIT) + set_bit(MMF_HAS_MDWE_NO_INHERIT, ¤t->mm->flags); if (bits & PR_MDWE_REFUSE_EXEC_GAIN) set_bit(MMF_HAS_MDWE, ¤t->mm->flags); - else if (test_bit(MMF_HAS_MDWE, ¤t->mm->flags)) - return -EPERM; /* Cannot unset the flag */ return 0; } @@ -2384,9 +2406,7 @@ static inline int prctl_get_mdwe(unsigned long arg2, unsigned long arg3, { if (arg2 || arg3 || arg4 || arg5) return -EINVAL; - - return test_bit(MMF_HAS_MDWE, ¤t->mm->flags) ? - PR_MDWE_REFUSE_EXEC_GAIN : 0; + return (int)get_current_mdwe(); } static int prctl_get_auxv(void __user *addr, unsigned long len) diff --git a/tools/include/uapi/linux/prctl.h b/tools/include/uapi/linux/prctl.h index 6e9af6cbc950..dacbe824e7c3 100644 --- a/tools/include/uapi/linux/prctl.h +++ b/tools/include/uapi/linux/prctl.h @@ -284,6 +284,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 # define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) +# define PR_MDWE_NO_INHERIT (1UL << 1) #define PR_GET_MDWE 66 From patchwork Tue Jul 4 15:36:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 13301394 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E1F7CC001B0 for ; Tue, 4 Jul 2023 15:37:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 381D9280090; Tue, 4 Jul 2023 11:37:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 33169280076; Tue, 4 Jul 2023 11:37:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1AB8A280090; Tue, 4 Jul 2023 11:37:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 039AC280076 for ; Tue, 4 Jul 2023 11:37:18 -0400 (EDT) Received: from smtpin25.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id B9EDEC0A5E for ; Tue, 4 Jul 2023 15:37:17 +0000 (UTC) X-FDA: 80974333314.25.E385AEA Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com [209.85.221.43]) by imf15.hostedemail.com (Postfix) with ESMTP id D0DDBA001F for ; Tue, 4 Jul 2023 15:37:15 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JOEPaz3v; spf=pass (imf15.hostedemail.com: domain of revest@chromium.org designates 209.85.221.43 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688485035; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=rLVIku7SViX3h+Lcl0E/1oJd3wDCllnW/4/cStAOVU8=; b=L8lh+7XHyLhj88DfLhxV5nSL8pStM0dHenWREDxhPJHQa8YzlGZvTo3lcK1NeWwSWvXDoU WHx62hwWFqkfWjDagq9HCqFSZ0EYn/SR942c/d4QKugnNZxdhzu7h1Dvem11tiMcEGP1NK CjO8EErp+W98bJ2anebLVcX2Nq1YIzc= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688485035; a=rsa-sha256; cv=none; b=nuVjss8QME2R6lqweEQD52TsAqriFfsAAD00tNf0xluQOQ/47Ximdja+o72mrZlq8foi1H 4fDFo7UTANAXoArPZUjl0iTxHPbHJ6erJ9y1mBtQB3DSVesj9bXYJZ2mu+mIwTyTh2rFwI cu89vNsuOMa40dI6OPGWki8NOSpu0ok= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JOEPaz3v; spf=pass (imf15.hostedemail.com: domain of revest@chromium.org designates 209.85.221.43 as permitted sender) smtp.mailfrom=revest@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-wr1-f43.google.com with SMTP id ffacd0b85a97d-3141c8a6f30so6007619f8f.1 for ; Tue, 04 Jul 2023 08:37:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1688485034; x=1691077034; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rLVIku7SViX3h+Lcl0E/1oJd3wDCllnW/4/cStAOVU8=; b=JOEPaz3vnVicEmuh0M2bGeQ1kl3GzOWIF49GpZl60KzO+GPWcT5dbD+wvseGGR0wpF IxOhrzyb0mInXy8d4183tOtH9SMwjHJhP23A8fyQrPc/56y0fXEdeGOra4JIsTvrhDEV wdGE+jVfHMmym/en2jJSDy3V5xHMkHz6rdQqU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688485034; x=1691077034; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rLVIku7SViX3h+Lcl0E/1oJd3wDCllnW/4/cStAOVU8=; b=MJ53NTvmde9UXsMO4o/ylqn+0mV39S6uezSdVK3h08hRoSkZZ2BHjad8fYTCebBuOt ojF5uR7b9wPXoAVq5m1Q8eOH13y3IBNZwi6d4OYfqddPjy1dvFh3egRZe/Lk/sgT8mKR wI9j036b6z6ua8tk+9FbHtN4OWk8w1akSYnRapoRl1WNbytYL7jyfSDXAxYAzf/VsHXa uyXne1NLIgPKkm6Rh47oxBlpk6KPCpdF8VOPqhha5Srm52VYwG2OdzJ2lSUiCPn+wqe7 nP88KGlDfMfHWytxxOX/MYN/mlhrUnMrAUU+yBA8qM686UtCiTwSvEU2sbiEwgy+dDvY Nerg== X-Gm-Message-State: ABy/qLbLs+5FCPKA4JMOX5fsn9X5pHKWnrmx4nO8t3lN2mFsz4sxeHtG IqVq/TyG4vLaQIOO3CRC/TFmIg== X-Google-Smtp-Source: APBJJlGPcUUIL7rFhoXERgudOfZJobL4dZUD8SGmsqpar9eStx2K5Uf+A1VwfXk9CRgRtCCc2GDieQ== X-Received: by 2002:a5d:6392:0:b0:314:37a2:5900 with SMTP id p18-20020a5d6392000000b0031437a25900mr5264050wru.14.1688485034312; Tue, 04 Jul 2023 08:37:14 -0700 (PDT) Received: from revest.zrh.corp.google.com ([2a00:79e0:9d:6:99b2:81bb:8407:5369]) by smtp.gmail.com with ESMTPSA id b2-20020adfde02000000b0030c4d8930b1sm28538709wrm.91.2023.07.04.08.37.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jul 2023 08:37:13 -0700 (PDT) From: Florent Revest To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, Florent Revest Subject: [PATCH v3 5/5] kselftest: vm: Add tests for no-inherit memory-deny-write-execute Date: Tue, 4 Jul 2023 17:36:29 +0200 Message-ID: <20230704153630.1591122-6-revest@chromium.org> X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog In-Reply-To: <20230704153630.1591122-1-revest@chromium.org> References: <20230704153630.1591122-1-revest@chromium.org> MIME-Version: 1.0 X-Stat-Signature: 85rydytjc4cd4jdu5zx5jcc11ujqdtcx X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: D0DDBA001F X-Rspam-User: X-HE-Tag: 1688485035-153480 X-HE-Meta: U2FsdGVkX19uTu/nLjexYUwWK6gwOReisEC7xaWNRe6Zkj8LeN8GGQpYMAwwNvUIsz9dOUdLrWPvu7jNsfXqv05sGa/9pf0Yr90nZk3ZRQpSqR2jUk6UPwzOeoxSwO7KUSNM06lXD4l1EqmDbWQ546A0NiQvuBZU/79t3s041Lph4vTSmMIDXKdatQ2Bsbs4RyOdJb+RfTtkqstpKcLP69TWWg9XIs/PBTEFf3XseLL7rk4nJJ749jN07kPtbhCIUFZPZmDxcDjTqGVuRx7+edMDX3h5cOa3B8V8jI4j8e5rWnmFuSsCRqtEbLyX+bnRAlqy5EIxqttHJdnS4cSKBJw4chn1jLBow8vAx/ndyKCo+ZRdboA81B9ajnaqDnvVRWtjH+OCtDzedui3o3gPODAWFqfxPa89Z6fesKC0ZVOX6xPJQO6RU+yITa2kAZIc4s5xHh+AMH5+tnrcWjF9B+//Q3njmiYJnsj45h+6xNIlEuYEVBMS9Vf8mDDIz6l5KMzt96Rcv6oxNvJcxxV/wG4aJ8rqSbqA48uxkEgKOm6XZDj0TxvUiNDQcJLirXZq3cUXgyDJ/GpentvBckFg1qXfMKA3NovzvndDERF0xIa8+RwQAlc703ZxgtTdZZMR3Pk0Z9uvVPYtTamMp+gpSAY1w+FtSZkK7f5o/EeaynA6rUiiaHdGnLYLVZvdzgjKgv1csx56mQhpr94r4O0KlBCYDNG6I3j4yXZmCi8LjNwg+yqhTCHNnXw6P8UYADQbXUtyKx20NPrc36LI45q9Ui2dnzxFWPeQYaOWTYMacdP5eu2BxNyS3tFjdos3pRbmtJ0EjMPdvlkDifupOrJlE+UTjus86W56ztJf8IyA1n+gyjyb7WpHGlRBQcLJRVSv5+oVqnGXzHGFdUtJ1VVuaLph35DZ6RvaSl1572hqqQj5+EJBOVh4rZCSlSMw8xKSntrzY9+zAlFDl2y04zk h+yQAMnG DWnZntVPTq2S32f4YlVl21/gih7w9mYFL0Rn5FH7UoBwX3ktRsjuIXznuCIgLCx+Fe4KDWTpBygavRc/BfECvBRxjXHLq7p3pwWmTL5uhzHQnYeW2jyh3rbL9r/m/weLeCYe8rvrm7bf5aw8dFVEoH5MDqBe6rmmQHap/K7hk4tJ8C02T/cgTz9weLGMeYi+DIzTiBj81a4YydeqMa8vFdvCiAxSr5JIctLhapWNtHJo3ntCr+/X37pq01uAsg/xKMfDT1c9SSHKcUTtz09iXaoc0kQH2OyT2tMkfPXMv59Wm+j2RwsiXVmtZKJjmq+kFtyHBDd+2NZSbEONm4NBZO6OzW2hI8O1rlI7gsjDt1sXV8pq6D6FUhIM0jvvrlRey+1Kkn2d1mDFjXYWJy4yaRePkefGn6ZOsZfWF X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Add some tests to cover the new PR_MDWE_NO_INHERIT flag of the PR_SET_MDWE prctl. Check that: - it can't be set without PR_SET_MDWE - MDWE flags can't be unset - when set, PR_SET_MDWE doesn't propagate to children Signed-off-by: Florent Revest Acked-by: Catalin Marinas --- tools/testing/selftests/mm/mdwe_test.c | 98 ++++++++++++++++++++++++-- 1 file changed, 92 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/mm/mdwe_test.c b/tools/testing/selftests/mm/mdwe_test.c index 91aa9c3099e7..7bfc98bf9baa 100644 --- a/tools/testing/selftests/mm/mdwe_test.c +++ b/tools/testing/selftests/mm/mdwe_test.c @@ -22,6 +22,8 @@ TEST(prctl_flags) { + EXPECT_LT(prctl(PR_SET_MDWE, PR_MDWE_NO_INHERIT, 0L, 0L, 7L), 0); + EXPECT_LT(prctl(PR_SET_MDWE, 7L, 0L, 0L, 0L), 0); EXPECT_LT(prctl(PR_SET_MDWE, 0L, 7L, 0L, 0L), 0); EXPECT_LT(prctl(PR_SET_MDWE, 0L, 0L, 7L, 0L), 0); @@ -33,6 +35,69 @@ TEST(prctl_flags) EXPECT_LT(prctl(PR_GET_MDWE, 0L, 0L, 0L, 7L), 0); } +FIXTURE(consecutive_prctl_flags) {}; +FIXTURE_SETUP(consecutive_prctl_flags) {} +FIXTURE_TEARDOWN(consecutive_prctl_flags) {} + +FIXTURE_VARIANT(consecutive_prctl_flags) +{ + unsigned long first_flags; + unsigned long second_flags; + bool should_work; +}; + +FIXTURE_VARIANT_ADD(consecutive_prctl_flags, same) +{ + .first_flags = PR_MDWE_REFUSE_EXEC_GAIN, + .second_flags = PR_MDWE_REFUSE_EXEC_GAIN, + .should_work = true, +}; + +FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_mdwe) +{ + .first_flags = PR_MDWE_REFUSE_EXEC_GAIN, + .second_flags = 0, + .should_work = false, +}; + +FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_mdwe_no_inherit) +{ + .first_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT, + .second_flags = 0, + .should_work = false, +}; + +FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_disable_no_inherit) +{ + .first_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT, + .second_flags = PR_MDWE_REFUSE_EXEC_GAIN, + .should_work = false, +}; + +FIXTURE_VARIANT_ADD(consecutive_prctl_flags, cant_enable_no_inherit) +{ + .first_flags = PR_MDWE_REFUSE_EXEC_GAIN, + .second_flags = PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT, + .should_work = false, +}; + +TEST_F(consecutive_prctl_flags, two_prctls) +{ + int ret; + + EXPECT_EQ(prctl(PR_SET_MDWE, variant->first_flags, 0L, 0L, 0L), 0); + + ret = prctl(PR_SET_MDWE, variant->second_flags, 0L, 0L, 0L); + if (variant->should_work) { + EXPECT_EQ(ret, 0); + + ret = prctl(PR_GET_MDWE, 0L, 0L, 0L, 0L); + ASSERT_EQ(ret, variant->second_flags); + } else { + EXPECT_NE(ret, 0); + } +} + FIXTURE(mdwe) { void *p; @@ -45,28 +110,45 @@ FIXTURE_VARIANT(mdwe) { bool enabled; bool forked; + bool inherit; }; FIXTURE_VARIANT_ADD(mdwe, stock) { .enabled = false, .forked = false, + .inherit = false, }; FIXTURE_VARIANT_ADD(mdwe, enabled) { .enabled = true, .forked = false, + .inherit = true, }; -FIXTURE_VARIANT_ADD(mdwe, forked) +FIXTURE_VARIANT_ADD(mdwe, inherited) { .enabled = true, .forked = true, + .inherit = true, }; +FIXTURE_VARIANT_ADD(mdwe, not_inherited) +{ + .enabled = true, + .forked = true, + .inherit = false, +}; + +static bool executable_map_should_fail(const FIXTURE_VARIANT(mdwe) *variant) +{ + return variant->enabled && (!variant->forked || variant->inherit); +} + FIXTURE_SETUP(mdwe) { + unsigned long mdwe_flags; int ret, status; self->p = NULL; @@ -76,13 +158,17 @@ FIXTURE_SETUP(mdwe) if (!variant->enabled) return; - ret = prctl(PR_SET_MDWE, PR_MDWE_REFUSE_EXEC_GAIN, 0L, 0L, 0L); + mdwe_flags = PR_MDWE_REFUSE_EXEC_GAIN; + if (!variant->inherit) + mdwe_flags |= PR_MDWE_NO_INHERIT; + + ret = prctl(PR_SET_MDWE, mdwe_flags, 0L, 0L, 0L); ASSERT_EQ(ret, 0) { TH_LOG("PR_SET_MDWE failed or unsupported"); } ret = prctl(PR_GET_MDWE, 0L, 0L, 0L, 0L); - ASSERT_EQ(ret, 1); + ASSERT_EQ(ret, mdwe_flags); if (variant->forked) { self->pid = fork(); @@ -113,7 +199,7 @@ TEST_F(mdwe, mmap_READ_EXEC) TEST_F(mdwe, mmap_WRITE_EXEC) { self->p = mmap(NULL, self->size, PROT_WRITE | PROT_EXEC, self->flags, 0, 0); - if (variant->enabled) { + if (executable_map_should_fail(variant)) { EXPECT_EQ(self->p, MAP_FAILED); } else { EXPECT_NE(self->p, MAP_FAILED); @@ -139,7 +225,7 @@ TEST_F(mdwe, mprotect_add_EXEC) ASSERT_NE(self->p, MAP_FAILED); ret = mprotect(self->p, self->size, PROT_READ | PROT_EXEC); - if (variant->enabled) { + if (executable_map_should_fail(variant)) { EXPECT_LT(ret, 0); } else { EXPECT_EQ(ret, 0); @@ -154,7 +240,7 @@ TEST_F(mdwe, mprotect_WRITE_EXEC) ASSERT_NE(self->p, MAP_FAILED); ret = mprotect(self->p, self->size, PROT_WRITE | PROT_EXEC); - if (variant->enabled) { + if (executable_map_should_fail(variant)) { EXPECT_LT(ret, 0); } else { EXPECT_EQ(ret, 0);